def test_get_version(tmpdir):
content = {"spam": "eggs"}
version_json = tmpdir.join("version.json")
version_json.write(json.dumps(content))
version = get_version(str(tmpdir))
assert version == content
def test_get_version(tmpdir):
content = {'spam': 'eggs'}
version_json = tmpdir.join('version.json')
version_json.write(json.dumps(content))
version = get_version(str(tmpdir))
assert version == content
class Core(Configuration, AWS, CORS):
"""Settings that will never change per-environment."""
# THIS_DIR = os.path.dirname(os.path.abspath(__file__))
# BASE_DIR = os.path.dirname(THIS_DIR)
BASE_DIR = BASE_DIR
STATIC_URL = "/"
STATIC_ROOT = values.PathValue(
os.path.join(BASE_DIR, "ui/build"), check_exists=False
)
VERSION = get_version(BASE_DIR)
INSTALLED_APPS = [
"django.contrib.contenttypes",
"corsheaders",
"dockerflow.django",
"buildhub.main",
"buildhub.api",
"buildhub.ingest",
]
MIDDLEWARE = [
"django.middleware.security.SecurityMiddleware",
"corsheaders.middleware.CorsMiddleware",
"django.middleware.common.CommonMiddleware",
"django.middleware.clickjacking.XFrameOptionsMiddleware",
"dockerflow.django.middleware.DockerflowMiddleware",
"buildhub.whitenoise_extra.BuildhubWhiteNoiseMiddleware",
"buildhub.middleware.StatsMiddleware",
]
ROOT_URLCONF = "buildhub.urls"
WSGI_APPLICATION = "buildhub.wsgi.application"
# Internationalization
LANGUAGE_CODE = "en-us"
TIME_ZONE = "UTC"
USE_I18N = False
USE_L10N = False
USE_TZ = True
DOCKERFLOW_CHECKS = [
# Defaults are documented here:
# https://python-dockerflow.readthedocs.io/en/latest/django.html#dockerflow-checks
"dockerflow.django.checks.check_database_connected",
"dockerflow.django.checks.check_migrations_applied",
"buildhub.dockerflow_extra.check_elasticsearch",
]
# The default is that Whitenoise sets `Access-Control-Allow-Origin: *` for
# static assets. We don't need that because we don't intend to serve the
# static assets via a CDN.
WHITENOISE_ALLOW_ALL_ORIGINS = False
class Core(Configuration, AWS, CORS):
"""Settings that will never change per-environment."""
# THIS_DIR = os.path.dirname(os.path.abspath(__file__))
# BASE_DIR = os.path.dirname(THIS_DIR)
BASE_DIR = BASE_DIR
VERSION = get_version(BASE_DIR)
INSTALLED_APPS = [
'django.contrib.contenttypes',
'corsheaders',
'dockerflow.django',
'buildhub.main',
'buildhub.api',
'buildhub.ingest',
]
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'corsheaders.middleware.CorsMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'dockerflow.django.middleware.DockerflowMiddleware',
]
ROOT_URLCONF = 'buildhub.urls'
WSGI_APPLICATION = 'buildhub.wsgi.application'
# Internationalization
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = False
USE_L10N = False
USE_TZ = True
DOCKERFLOW_CHECKS = [
# Defaults are documented here:
# https://python-dockerflow.readthedocs.io/en/latest/django.html#dockerflow-checks
'dockerflow.django.checks.check_database_connected',
'dockerflow.django.checks.check_migrations_applied',
'buildhub.dockerflow_extra.check_elasticsearch',
]
class Core(AWS, GCP, Celery, S3, GCS, Configuration):
"""Settings that will never change per-environment."""
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
THIS_DIR = os.path.dirname(os.path.abspath(__file__))
BASE_DIR = os.path.dirname(THIS_DIR)
VERSION = get_version(BASE_DIR)
# Using the default first site found by django.contrib.sites
SITE_ID = 1
INSTALLED_APPS = [
# Django apps
"django.contrib.sites",
"django.contrib.auth",
"django.contrib.contenttypes",
"django.contrib.sessions",
# Project specific apps
"tecken.apps.TeckenAppConfig",
"tecken.symbolicate",
"tecken.download",
"tecken.upload",
"tecken.tokens",
"tecken.api",
"tecken.useradmin",
"tecken.benchmarking",
# Third party apps
"dockerflow.django",
# Third party apps, that need to be listed last
"mozilla_django_oidc",
]
# June 2017: Notice that we're NOT adding
# 'mozilla_django_oidc.middleware.RefreshIDToken'. That's because
# most views in this project are expected to be called as AJAX
# or from curl. So it doesn't make sense to require every request
# to refresh the ID token.
# Once there is a way to do OIDC ID token refreshing without needing
# the client to redirect, we can enable that.
# Note also, the ostensible reason for using 'RefreshIDToken' is
# to check that a once-authenticated user is still a valid user.
# So if that's "disabled", that's why we have rather short session
# cookie age.
MIDDLEWARE = (
"dockerflow.django.middleware.DockerflowMiddleware",
# 'django.middleware.csrf.CsrfViewMiddleware',
"django.contrib.sessions.middleware.SessionMiddleware",
"django.middleware.common.CommonMiddleware",
"django.contrib.auth.middleware.AuthenticationMiddleware",
"tecken.tokens.middleware.APITokenAuthenticationMiddleware",
# Important that this comes after APITokenAuthenticationMiddleware
"tecken.useradmin.middleware.NotBlockedInAuth0Middleware",
"whitenoise.middleware.WhiteNoiseMiddleware",
)
ROOT_URLCONF = "tecken.urls"
WSGI_APPLICATION = "tecken.wsgi.application"
# Add the django-allauth authentication backend.
AUTHENTICATION_BACKENDS = (
"django.contrib.auth.backends.ModelBackend",
"mozilla_django_oidc.auth.OIDCAuthenticationBackend",
)
# Internationalization
# https://docs.djangoproject.com/en/1.9/topics/i18n/
LANGUAGE_CODE = "en-us"
TIME_ZONE = "UTC"
USE_I18N = False
USE_L10N = False
USE_TZ = True
DATETIME_FORMAT = "Y-m-d H:i" # simplified ISO format since we assume UTC
STATIC_ROOT = values.Value(
default=os.path.join(BASE_DIR, "frontend/build"))
STATIC_URL = "/"
# The default Cache-Control max-age used,
WHITENOISE_MAX_AGE = values.IntegerValue(60 * 60)
SESSION_ENGINE = "django.contrib.sessions.backends.cached_db"
SESSION_CACHE_ALIAS = "default"
# System Checks
# Override certain builtin Django system checks because we know
# with confidence we do these good deeds in Nginx.
# https://docs.djangoproject.com/en/1.11/ref/checks/#security
SILENCED_SYSTEM_CHECKS = [
"security.W001", # Dealt with using Nginx headers
"security.W002", # Dealt with using Nginx headers
"security.W003", # CSRF is explicit only on the views that need it
# We can't set SECURE_HSTS_INCLUDE_SUBDOMAINS since this runs under a
# mozilla.org subdomain
"security.W005",
"security.W004", # Strict-Transport-Security is set in Nginx
]
OIDC_RP_CLIENT_ID = values.SecretValue()
OIDC_RP_CLIENT_SECRET = values.SecretValue()
OIDC_OP_AUTHORIZATION_ENDPOINT = values.URLValue(
"https://auth.mozilla.auth0.com/authorize")
OIDC_OP_TOKEN_ENDPOINT = values.URLValue(
"https://auth.mozilla.auth0.com/oauth/token")
OIDC_OP_USER_ENDPOINT = values.URLValue(
"https://auth.mozilla.auth0.com/userinfo")
# Feature flag for the Auth0 Management API check that checks if users
# are still valid and not blocked in Auth0's user database.
ENABLE_AUTH0_BLOCKED_CHECK = values.BooleanValue(True)
# There's a middleware that checks if the user is NOT blocked in
# Auth0. But we don't want to do it for every single request, since
# it's slowish, so we throttle that check with a cache interval.
NOT_BLOCKED_IN_AUTH0_INTERVAL_SECONDS = values.IntegerValue(60 * 60 * 24)
# Keep it quite short because we don't have a practical way to do
# OIDC ID token renewal for this AJAX and curl heavy app.
SESSION_COOKIE_AGE = values.IntegerValue(60 * 60 * 24 * 365)
# Where users get redirected after successfully signing in
LOGIN_REDIRECT_URL = "/?signedin=true"
LOGIN_REDIRECT_URL_FAILURE = "/?signin=failed"
# API Token authentication is off by default until Tecken has
# gone through a security checklist.
ENABLE_TOKENS_AUTHENTICATION = values.BooleanValue(True)
TOKENS_DEFAULT_EXPIRATION_DAYS = values.IntegerValue(365) # 1 year
# Feature flag for enabling or disabling the possible downloading
# of missing symbols from Microsoft.
ENABLE_DOWNLOAD_FROM_MICROSOFT = values.BooleanValue(False)
# When a symbol is tried to be downloaded, and it turns out the symbol
# does *not* exist in S3, we write this down so all missing symbols
# can be post-processed after.
# But we only need to write it down once per symbol. There's a memoizing
# guard and this defines how long it should cache that it memoized.
MEMOIZE_LOG_MISSING_SYMBOLS_SECONDS = values.IntegerValue(60 * 60 * 24)
# Whether or not benchmarking is enabled. It's only useful to have this
# enabled in environments dedicated for testing and load testing.
BENCHMARKING_ENABLED = values.BooleanValue(False)
# When we ask S3 for the size (if it exists) of a symbol already in S3
# this can be cached. This value determines how long we do that caching.
MEMOIZE_KEY_EXISTING_SIZE_SECONDS = values.IntegerValue(60 * 60 * 24)
# When we upload a .zip file, we iterate over the content and for each
# file within (that isn't immediately "ignorable") we kick off a
# function which figures out what (and how) to process the file.
# That function involves doing a S3/GCS GET (technically ListObjectsV2),
# (possible) gzipping the payload and (possibly) a S3/GCS PUT.
# All of these function calls get put in a
# concurrent.futures.ThreadPoolExecutor pool. This setting is about
# how many of these to start, max.
UPLOAD_FILE_UPLOAD_MAX_WORKERS = values.IntegerValue(default=None)
# Whether to store the missing symbols in Postgres or not.
# If you disable this, at the time of writing, missing symbols
# will be stored in the Redis default cache.
ENABLE_STORE_MISSING_SYMBOLS = values.BooleanValue(True)
# The prefix used when generating directories in the temp directory.
UPLOAD_TEMPDIR_PREFIX = values.Value("raw-uploads")
# When doing local development, especially load testing, it's sometimes
# useful to be able to bypass all URL checks for Upload by Download.
ALLOW_UPLOAD_BY_ANY_DOMAIN = values.BooleanValue(False)
# This is only really meant for the sake of being overrideable by
# other setting classes; in particular the 'Test' class.
SYNCHRONOUS_UPLOAD_FILE_UPLOAD = False
DOWNLOAD_LEGACY_PRODUCTS_PREFIXES = [
"firefox",
"seamonkey",
"sunbird",
"thunderbird",
"xulrunner",
"fennec",
"b2g",
]
class Core(AWS, Celery, Constance, CSP, Configuration):
"""Configuration that will never change per-environment."""
#: The directory in which the settings file reside.
THIS_DIR = os.path.dirname(os.path.abspath(__file__))
#: Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(THIS_DIR)
#: The current ATMO version.
VERSION = get_version(BASE_DIR)
#: Using the default first site found by django.contrib.sites
SITE_ID = 1
#: The installed apps.
INSTALLED_APPS = [
# Project specific apps
'atmo.apps.AtmoAppConfig',
'atmo.clusters',
'atmo.jobs',
'atmo.apps.KeysAppConfig',
'atmo.users',
'atmo.stats',
# Third party apps
'allauth',
'allauth.account',
'allauth.socialaccount',
'guardian',
'constance',
'constance.backends.database',
'dockerflow.django',
'django_celery_monitor',
'django_celery_results',
'flat_responsive',
# Django apps
'django.contrib.sites',
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
]
MIDDLEWARE = (
'django.middleware.security.SecurityMiddleware',
'dockerflow.django.middleware.DockerflowMiddleware',
'whitenoise.middleware.WhiteNoiseMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'session_csrf.CsrfMiddleware',
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'csp.middleware.CSPMiddleware',
)
ROOT_URLCONF = 'atmo.urls'
WSGI_APPLICATION = 'atmo.wsgi.application'
DEFAULT_FROM_EMAIL = '*****@*****.**'
# The email backend.
EMAIL_BACKEND = 'django_amazon_ses.backends.boto.EmailBackend'
EMAIL_SUBJECT_PREFIX = '[Telemetry Analysis Service] '
@property
def DJANGO_AMAZON_SES_REGION(self):
return self.AWS_CONFIG['AWS_REGION']
#: Adds the django-allauth authentication backend.
AUTHENTICATION_BACKENDS = (
'django.contrib.auth.backends.ModelBackend',
'allauth.account.auth_backends.AuthenticationBackend',
'guardian.backends.ObjectPermissionBackend',
)
LOGIN_URL = reverse_lazy('account_login')
LOGOUT_URL = reverse_lazy('account_logout')
LOGIN_REDIRECT_URL = reverse_lazy('dashboard')
# django-allauth configuration
ACCOUNT_LOGOUT_REDIRECT_URL = LOGIN_REDIRECT_URL
ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS = 7
ACCOUNT_EMAIL_SUBJECT_PREFIX = EMAIL_SUBJECT_PREFIX
ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_EMAIL_VERIFICATION = 'optional'
ACCOUNT_LOGOUT_ON_GET = True
ACCOUNT_ADAPTER = 'atmo.users.adapters.AtmoAccountAdapter'
ACCOUNT_USERNAME_REQUIRED = False
SOCIALACCOUNT_ADAPTER = 'atmo.users.adapters.AtmoSocialAccountAdapter'
SOCIALACCOUNT_EMAIL_VERIFICATION = 'none' # no extra verification needed
SOCIALACCOUNT_QUERY_EMAIL = True # needed by the Google provider
SOCIALACCOUNT_PROVIDERS = {
'google': {
'HOSTED_DOMAIN': 'mozilla.com',
'AUTH_PARAMS': {
'prompt': 'select_account',
}
}
}
MESSAGE_TAGS = {
messages.ERROR: 'danger'
}
# Raise PermissionDenied in get_40x_or_None which is used
# by permission_required decorator
GUARDIAN_RAISE_403 = True
# Internationalization
# https://docs.djangoproject.com/en/1.9/topics/i18n/
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = False
USE_L10N = False
USE_TZ = True
DATETIME_FORMAT = 'Y-m-d H:i' # simplified ISO format since we assume UTC
STATIC_ROOT = values.Value(default='/opt/static/')
STATIC_URL = '/static/'
STATICFILES_STORAGE = 'whitenoise.storage.CompressedManifestStaticFilesStorage'
STATICFILES_FINDERS = [
'django.contrib.staticfiles.finders.FileSystemFinder',
'django.contrib.staticfiles.finders.AppDirectoriesFinder',
'npm.finders.NpmFinder',
]
NPM_ROOT_PATH = values.Value(default='/opt/npm/')
NPM_STATIC_FILES_PREFIX = 'npm'
NPM_FILE_PATTERNS = {
'ansi_up': ['ansi_up.js'],
'bootstrap': [
'dist/fonts/*',
'dist/css/*',
'dist/js/bootstrap*.js',
],
'bootstrap-confirmation2': ['bootstrap-confirmation.min.js'],
'bootstrap-datetime-picker': [
'css/*.css',
'js/*.js',
],
'clipboard': ['dist/clipboard.min.js'],
'jquery': ['dist/*.js'],
'marked': ['marked.min.js'],
'moment': ['min/moment.min.js'],
'notebookjs': ['notebook.min.js'],
'parsleyjs': ['dist/parsley.min.js'],
'prismjs': [
'prism.js',
'components/*.js',
'plugins/autoloader/*.js',
'themes/prism.css',
],
'raven-js': [
'dist/raven.*',
],
'remarkable': ['dist/remarkable.min.js']
}
# the directory to have Whitenoise serve automatically on the root of the URL
WHITENOISE_ROOT = os.path.join(THIS_DIR, 'static', 'public')
WHITENOISE_ALLOW_ALL_ORIGINS = False
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
SESSION_CACHE_ALIAS = 'default'
SILENCED_SYSTEM_CHECKS = [
'security.W003', # We're using django-session-csrf
# We can't set SECURE_HSTS_INCLUDE_SUBDOMAINS since this runs under a
# mozilla.org subdomain
'security.W005',
'security.W009', # we know the SECRET_KEY is strong
]
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'OPTIONS': {
'context_processors': [
'django.contrib.auth.context_processors.auth',
'django.template.context_processors.debug',
'django.template.context_processors.i18n',
'django.template.context_processors.media',
'django.template.context_processors.static',
'django.template.context_processors.tz',
'django.template.context_processors.request',
'django.contrib.messages.context_processors.messages',
'session_csrf.context_processor',
'atmo.context_processors.settings',
'atmo.context_processors.version',
'atmo.context_processors.alerts',
'constance.context_processors.config',
],
'loaders': [
'django.template.loaders.filesystem.Loader',
'django.template.loaders.app_directories.Loader',
],
'libraries': {
'atmo': 'atmo.templatetags',
},
}
},
]
class Core(Configuration):
"""Configuration that will never change per-environment."""
#: The directory in which the settings file reside.
THIS_DIR = os.path.dirname(os.path.abspath(__file__))
#: Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(THIS_DIR)
#: The current GLAM version.
VERSION = get_version(BASE_DIR)
#: Using the default first site found by django.contrib.sites
SITE_ID = 1
#: The installed apps.
INSTALLED_APPS = [
# Run whitenoise with runserver
"whitenoise.runserver_nostatic",
# Project specific apps
"glam.apps.GlamAppConfig",
"glam.api",
# Third party apps
"dockerflow.django",
# Django apps
"django.contrib.auth",
"mozilla_django_oidc",
"django.contrib.contenttypes",
"django.contrib.staticfiles",
]
MIDDLEWARE = [
"django.middleware.security.SecurityMiddleware",
"whitenoise.middleware.WhiteNoiseMiddleware",
"dockerflow.django.middleware.DockerflowMiddleware",
"django.middleware.common.CommonMiddleware",
"django.middleware.clickjacking.XFrameOptionsMiddleware",
]
ROOT_URLCONF = "glam.urls"
WSGI_APPLICATION = "glam.wsgi.application"
DEFAULT_FROM_EMAIL = "*****@*****.**"
# Internationalization
# https://docs.djangoproject.com/en/1.9/topics/i18n/
LANGUAGE_CODE = "en-us"
TIME_ZONE = "UTC"
USE_I18N = False
USE_L10N = False
USE_TZ = True
DATETIME_FORMAT = "Y-m-d H:i" # simplified ISO format since we assume UTC
STATICFILES_DIRS = [
os.path.join(BASE_DIR, "public"),
]
STATIC_ROOT = values.Value(
default=os.path.join(BASE_DIR, "public", "static"))
STATIC_URL = "/static/"
# the directory to have Whitenoise serve automatically on the root of the URL
WHITENOISE_ROOT = STATIC_ROOT
SILENCED_SYSTEM_CHECKS = [
# We can't set SECURE_HSTS_INCLUDE_SUBDOMAINS since this runs under a
# mozilla.org subdomain
"security.W005",
"security.W009", # we know the SECRET_KEY is strong
]
TEMPLATES = [{
"BACKEND": "django.template.backends.django.DjangoTemplates",
"DIRS": [os.path.join(BASE_DIR, "public")],
"APP_DIRS": True,
"OPTIONS": {
"context_processors": [
"django.template.context_processors.debug",
"django.template.context_processors.request",
"django.contrib.auth.context_processors.auth",
"django.contrib.messages.context_processors.messages",
],
},
}]
# Django REST Framework
REST_FRAMEWORK = {
"DEFAULT_PARSER_CLASSES": ["drf_orjson_renderer.parsers.ORJSONParser"],
"DEFAULT_RENDERER_CLASSES":
["drf_orjson_renderer.renderers.ORJSONRenderer"],
"DATETIME_FORMAT":
"%Y-%m-%dT%H:%M:%S",
}
GA_TRACKING_ID = values.Value("",
environ_name="GA_TRACKING_ID",
environ_prefix=None)
class Core(CSP, AWS, Configuration):
"""Settings that will never change per-environment."""
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
THIS_DIR = os.path.dirname(os.path.abspath(__file__))
BASE_DIR = os.path.dirname(THIS_DIR)
VERSION = get_version(BASE_DIR)
# Using the default first site found by django.contrib.sites
SITE_ID = 1
INSTALLED_APPS = [
# Project specific apps
'tecken.apps.TeckenAppConfig',
'tecken.symbolicate',
# 'tecken.clusters',
# 'atmo.jobs',
# 'atmo.apps.KeysAppConfig',
# 'atmo.users',
# Third party apps
# 'django_rq',
# 'allauth',
# 'allauth.account',
# 'allauth.socialaccount',
# 'guardian',
# 'constance',
# 'constance.backends.database',
'dockerflow.django',
# Django apps
'django.contrib.sites',
# 'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
]
MIDDLEWARE_CLASSES = (
'django.middleware.security.SecurityMiddleware',
'dockerflow.django.middleware.DockerflowMiddleware',
'whitenoise.middleware.WhiteNoiseMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'csp.middleware.CSPMiddleware',
)
ROOT_URLCONF = 'tecken.urls'
WSGI_APPLICATION = 'tecken.wsgi.application'
# Add the django-allauth authentication backend.
AUTHENTICATION_BACKENDS = (
'django.contrib.auth.backends.ModelBackend',
# 'allauth.account.auth_backends.AuthenticationBackend',
# 'guardian.backends.ObjectPermissionBackend',
)
# LOGIN_URL = reverse_lazy('account_login')
# LOGOUT_URL = reverse_lazy('account_logout')
# LOGIN_REDIRECT_URL = reverse_lazy('dashboard')
# django-allauth configuration
# ACCOUNT_LOGOUT_REDIRECT_URL = LOGIN_REDIRECT_URL
# ACCOUNT_EMAIL_CONFIRMATION_EXPIRE_DAYS = 7
# ACCOUNT_EMAIL_SUBJECT_PREFIX = '[Telemetry Analysis Service] '
# ACCOUNT_EMAIL_REQUIRED = True
# ACCOUNT_EMAIL_VERIFICATION = 'optional'
# ACCOUNT_LOGOUT_ON_GET = True
# ACCOUNT_ADAPTER = 'atmo.users.adapters.AtmoAccountAdapter'
# ACCOUNT_USERNAME_REQUIRED = False
# ACCOUNT_USER_DISPLAY = 'atmo.users.utils.email_user_display'
# SOCIALACCOUNT_ADAPTER = 'atmo.users.adapters.AtmoSocialAccountAdapter'
# SOCIALACCOUNT_EMAIL_VERIFICATION = 'none' # no extra verification needed
# SOCIALACCOUNT_QUERY_EMAIL = True # needed by the Google provider
# SOCIALACCOUNT_PROVIDERS = {
# 'google': {
# 'HOSTED_DOMAIN': 'mozilla.com',
# 'AUTH_PARAMS': {
# 'prompt': 'select_account',
# }
# }
# }
MESSAGE_TAGS = {messages.ERROR: 'danger'}
# render the 403.html file
# GUARDIAN_RENDER_403 = True
# Internationalization
# https://docs.djangoproject.com/en/1.9/topics/i18n/
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = False
USE_L10N = False
USE_TZ = True
DATETIME_FORMAT = 'Y-m-d H:i' # simplified ISO format since we assume UTC
STATIC_ROOT = values.Value(default='/opt/static/')
STATIC_URL = '/static/'
# STATICFILES_STORAGE = (
# 'whitenoise.storage.CompressedManifestStaticFilesStorage'
# )
# STATICFILES_FINDERS = [
# 'django.contrib.staticfiles.finders.FileSystemFinder',
# 'django.contrib.staticfiles.finders.AppDirectoriesFinder',
# 'npm.finders.NpmFinder',
# ]
#
# NPM_ROOT_PATH = values.Value(default='/opt/npm/')
# NPM_STATIC_FILES_PREFIX = 'npm'
# NPM_FILE_PATTERNS = {
# 'ansi_up': ['ansi_up.js'],
# 'bootstrap': [
# 'dist/fonts/*',
# 'dist/css/*',
# 'dist/js/bootstrap*.js',
# ],
# 'bootstrap-confirmation2': ['bootstrap-confirmation.min.js'],
# 'bootstrap-datetime-picker': [
# 'css/*.css',
# 'js/*.js',
# ],
# 'clipboard': ['dist/clipboard.min.js'],
# 'jquery': ['dist/*.js'],
# 'marked': ['marked.min.js'],
# 'moment': ['min/moment.min.js'],
# 'notebookjs': ['notebook.min.js'],
# 'parsleyjs': ['dist/parsley.min.js'],
# 'prismjs': [
# 'prism.js',
# 'components/*.js',
# 'plugins/autoloader/*.js',
# 'themes/prism.css',
# ],
# 'raven-js': [
# 'dist/raven.*',
# ]
# }
# the directory to have Whitenoise serve automatically on the
# root of the URL
# WHITENOISE_ROOT = os.path.join(THIS_DIR, 'static', 'public')
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
SESSION_CACHE_ALIAS = 'default'
# XXX what IS this?
SILENCED_SYSTEM_CHECKS = [
'security.W003', # We're using django-session-csrf
# We can't set SECURE_HSTS_INCLUDE_SUBDOMAINS since this runs under a
# mozilla.org subdomain
'security.W005',
'security.W009', # we know the SECRET_KEY is strong
]
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'OPTIONS': {
'context_processors': [
'django.contrib.auth.context_processors.auth',
'django.template.context_processors.debug',
'django.template.context_processors.i18n',
'django.template.context_processors.media',
'django.template.context_processors.static',
'django.template.context_processors.tz',
'django.template.context_processors.request',
'django.contrib.messages.context_processors.messages',
# 'atmo.context_processors.settings',
# 'atmo.context_processors.version',
# 'atmo.context_processors.alerts',
],
'loaders': [
'django.template.loaders.filesystem.Loader',
'django.template.loaders.app_directories.Loader',
],
}
},
]
class Core(AWS, Celery, Constance, CSP, Configuration):
"""Configuration that will never change per-environment."""
#: The directory in which the settings file reside.
THIS_DIR = os.path.dirname(os.path.abspath(__file__))
#: Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(THIS_DIR)
#: The current ATMO version.
VERSION = get_version(BASE_DIR)
#: Using the default first site found by django.contrib.sites
SITE_ID = 1
#: The installed apps.
INSTALLED_APPS = [
# Project specific apps
"atmo.apps.AtmoAppConfig",
"atmo.clusters",
"atmo.jobs",
"atmo.apps.KeysAppConfig",
"atmo.users",
"atmo.stats",
# Third party apps
"guardian",
"constance",
"constance.backends.database",
"dockerflow.django",
"django_celery_monitor",
"django_celery_results",
"flat_responsive",
# Django apps
"django.contrib.sites",
"django.contrib.admin",
"django.contrib.auth",
"django.contrib.contenttypes",
"django.contrib.sessions",
"django.contrib.messages",
"django.contrib.staticfiles",
# needs to load after django.contrib.auth
"mozilla_django_oidc",
]
MIDDLEWARE = (
"django_cookies_samesite.middleware.CookiesSameSite",
"django.middleware.security.SecurityMiddleware",
"dockerflow.django.middleware.DockerflowMiddleware",
"whitenoise.middleware.WhiteNoiseMiddleware",
"django.contrib.sessions.middleware.SessionMiddleware",
"django.middleware.common.CommonMiddleware",
"django.contrib.auth.middleware.AuthenticationMiddleware",
"session_csrf.CsrfMiddleware",
"django.contrib.auth.middleware.SessionAuthenticationMiddleware",
"django.contrib.messages.middleware.MessageMiddleware",
"django.middleware.clickjacking.XFrameOptionsMiddleware",
"csp.middleware.CSPMiddleware",
)
ROOT_URLCONF = "atmo.urls"
WSGI_APPLICATION = "atmo.wsgi.application"
DEFAULT_FROM_EMAIL = "*****@*****.**"
# The email backend.
EMAIL_BACKEND = "django_amazon_ses.EmailBackend"
EMAIL_SUBJECT_PREFIX = "[Telemetry Analysis Service] "
@property
def AWS_DEFAULT_REGION(self):
return self.AWS_CONFIG["AWS_REGION"]
AUTHENTICATION_BACKENDS = (
"django.contrib.auth.backends.ModelBackend",
"atmo.users.backends.AtmoOIDCAuthenticationBackend",
"guardian.backends.ObjectPermissionBackend",
)
LOGIN_URL = reverse_lazy("users-login")
LOGOUT_URL = reverse_lazy("oidc_logout")
LOGIN_REDIRECT_URL = reverse_lazy("dashboard")
LOGOUT_REDIRECT_URL = reverse_lazy("dashboard")
LOGIN_REDIRECT_URL_FAILURE = reverse_lazy("dashboard")
OIDC_STORE_ACCESS_TOKEN = True
OIDC_USERNAME_ALGO = "atmo.users.utils.generate_username_from_email"
OIDC_EXEMPT_URLS = ["users-login"]
# When enabled this will match the remote groups provided via the OIDC
# claims with configured list of allowed user groups using UNIX shell-style
# wildcards such as * and ?.
REMOTE_GROUPS_ENABLED = values.BooleanValue(default=False)
REMOTE_GROUPS_ALLOWED = values.SetValue(set(), separator=",")
MESSAGE_TAGS = {messages.ERROR: "danger"}
# Raise PermissionDenied in get_40x_or_None which is used
# by permission_required decorator
GUARDIAN_RAISE_403 = True
# Internationalization
# https://docs.djangoproject.com/en/1.9/topics/i18n/
LANGUAGE_CODE = "en-us"
TIME_ZONE = "UTC"
USE_I18N = False
USE_L10N = False
USE_TZ = True
DATETIME_FORMAT = "Y-m-d H:i" # simplified ISO format since we assume UTC
STATIC_ROOT = values.Value(default="/opt/static/")
STATIC_URL = "/static/"
STATICFILES_STORAGE = "whitenoise.storage.CompressedManifestStaticFilesStorage"
STATICFILES_FINDERS = [
"django.contrib.staticfiles.finders.FileSystemFinder",
"django.contrib.staticfiles.finders.AppDirectoriesFinder",
"npm.finders.NpmFinder",
]
NPM_ROOT_PATH = values.Value(default="/opt/npm/")
NPM_STATIC_FILES_PREFIX = "npm"
NPM_FILE_PATTERNS = {
"ansi_up": ["ansi_up.js"],
"bootstrap": ["dist/fonts/*", "dist/css/*", "dist/js/bootstrap*.js"],
"bootstrap-confirmation2": ["bootstrap-confirmation.min.js"],
"bootstrap-datetime-picker": ["css/*.css", "js/*.js"],
"clipboard": ["dist/clipboard.min.js"],
"jquery": ["dist/*.js"],
"marked": ["marked.min.js"],
"moment": ["min/moment.min.js"],
"notebookjs": ["notebook.min.js"],
"parsleyjs": ["dist/parsley.min.js"],
"prismjs": [
"prism.js",
"components/*.js",
"plugins/autoloader/*.js",
"themes/prism.css",
],
"raven-js": ["dist/raven.*"],
"remarkable": ["dist/remarkable.min.js"],
}
# the directory to have Whitenoise serve automatically on the root of the URL
WHITENOISE_ROOT = os.path.join(THIS_DIR, "static", "public")
WHITENOISE_ALLOW_ALL_ORIGINS = False
SESSION_ENGINE = "django.contrib.sessions.backends.cache"
SESSION_CACHE_ALIAS = "default"
SESSION_COOKIE_SAMESITE = "Lax"
# in addition to sessionid and csrftoken cookies we use this cookie:
SESSION_COOKIE_SAMESITE_KEYS = ["news_current", "anoncsrf"]
SILENCED_SYSTEM_CHECKS = [
"security.W003", # We're using django-session-csrf
# We can't set SECURE_HSTS_INCLUDE_SUBDOMAINS since this runs under a
# mozilla.org subdomain
"security.W005",
"security.W009", # we know the SECRET_KEY is strong
]
TEMPLATES = [
{
"BACKEND": "django.template.backends.django.DjangoTemplates",
"OPTIONS": {
"context_processors": [
"django.contrib.auth.context_processors.auth",
"django.template.context_processors.debug",
"django.template.context_processors.i18n",
"django.template.context_processors.media",
"django.template.context_processors.static",
"django.template.context_processors.tz",
"django.template.context_processors.request",
"django.contrib.messages.context_processors.messages",
"session_csrf.context_processor",
"atmo.context_processors.settings",
"atmo.context_processors.version",
"atmo.context_processors.alerts",
"constance.context_processors.config",
],
"loaders": [
"django.template.loaders.filesystem.Loader",
"django.template.loaders.app_directories.Loader",
],
"libraries": {"atmo": "atmo.templatetags"},
},
}
]
def test_no_version_json(tmpdir):
version = get_version(str(tmpdir))
assert version is None
